TheChannel9Team

Gabriel Torok - Protecting .NET applications through obfuscation

Download this episode

Download Video

Description

Gabriel Torok is CEO of Preemptive Solutions. They sell the Dotfuscator, which lets developers protect their programs against reverse engineering while making them smaller and more efficient. Here Mike Hall interviews Gabriel about how Dotfuscator works.

Tag:

Security

Embed

Format

Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    • kidzi
      This is interesting, but how does one go about debugging an application which is dotfuscated? I am used to internal apps where we can look at a call stack, list of 30 recent functions and runtime comments for our apps. 

      What is needed to provide a level of error information when the function names and strings are unreadable?
    • iStation
      MS, please include Dotfuscator Pro in MSDN subscription.
      At least, please include a string encryption and an ILDASM breaker in Dotfuscator community version of Visual Studio 2005!
      Please!!!!!
      Smiley
    • sn1p3t
      kidzi wrote:
      This is interesting, but how does one go about debugging an application which is dotfuscated? I am used to internal apps where we can look at a call stack, list of 30 recent functions and runtime comments for our apps. 

      What is needed to provide a level of error information when the function names and strings are unreadable?


      When you debug, it uses the original IL, not the obfuscated one, so internal debugging will remain  the same.

      I can't wait to see all the new features coming out!
    • lionel.l
      XenoCode's obfuscator provides a mapping file feature enabling you to convert back to readable information.

      For more details on the file mapping feature:

      http://www.xenocode.com/en/Man/advanced_topics/debugging_xenocode_processed_assemblies.htm

      Lionel Lindemann
      XenoCode Europe
      http://www.xenocode.com
    • kidzi

      OK. I re-read my post and I was a bit unclear. I meant debugging an issue from a user. The situationwould be f an end-user is running the app and it blows up - they would be running the obfuscated one.  How would you translate an error at end-user runtime into something you can work with back in the development area?

    • bleach
      There are a couple things you can do to facilitate debugging Dotfuscated applications.  The first best addresses your question:

      1) Use the stack trace decoding tool:


      When you Dotfuscate your code, one of the outputs is a map file-- it is an XML file that contains a mapping between the new names and the original names.  You should keep this file in a safe place (like version control) after you ship your application.


      Dotfuscator Pro includes a stack trace decoding tool.  If you get an obfuscated stack trace from a user in the field, you can paste it into the tool, point it to your map file, and press the decode button.  The tool reconstructs the original stack trace.

      2) For interactive debugging, round trip the PDB files.

      Dotfuscator Pro allows you to create a PDB file associated with the output assembly.  It will take source file, line number, and local variable information from the input assembly's PDB and include it in the output PDB.  You can use this to interactively debug Dotfuscated applications.  You can even step through the original source code.  The drawback is that the debugger will still show the obfuscated symbol names when you are trying to examine variables, etc.

      Regards,
      Bill Leach
      PreEmptive Solutions, Inc.
    • JJWR
      This is an old topic, but I find usefull to report that there is a new standalone tool to decode dotfuscator symbols and stack traces, so we do not need to buy the expensive dotfuscator pro version to do this tasks Wink  It is called dfstack

    Comments closed

    Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.